An American who was living in Singapore illegally accessed the personal information belonging to 14,200 individuals diagnosed with HIV and leaked it online. The stolen data included the names, contact information and test results of thousands of people diagnosed with HIV in Singapore. The majority of the patients whose data was leaked are foreigners.
That American convicted of numerous crimes is believed to have leaked the information after obtaining it from his boyfriend, a Singaporean doctor with access to the HIV registry, the ministry of health said.
The latest breach, while not due to a cyber attack, comes after Singapore’s worst cyber attack in 2018. From June 27 to July 4 last year, hackers infiltrated the computers of SingHealth and stole the personal particulars of 1.5 million patients, including Prime Minister Lee Hsien Loong.
The MOH(Ministry of Health) said the information was in the possession of a U.S. citizen named Mikhy K Farrera Brochez, who had been remanded to prison in Singapore in 2016, convicted of numerous fraud and drug-related offences. The ministry said Brochez had lied about his HIV status in order to obtain an employment pass in the country.
He is the boyfriend of Ler Teck Siang, the former head of Singapore’s National Public Health Unit, who was convicted of helping Farrera-Brochez falsify his medical records to disguise his HIV-positive status.
Officials said Ler offered his own blood labelled as Farrera-Brochez’s to allow him entry to the country.
In a statement, the health ministry blamed Ler for the breach, accusing him of not complying with the policies regarding the handling of confidential data.
They said they were first made aware in 2016 that the American may have had confidential information but thought all material had been seized and secured by police.
Citing a local charity, CNN reported on Monday that while the law prohibiting HIV-positive tourists from entering the state had been relaxed, they are still barred from receiving employment visas or permanent resident status.
The exposed records belong to 5,400 Singaporeans diagnosed with HIV before January 2013, and 8,800 foreigners diagnosed before December 2011, the MOH said.
The police said, “While access to the confidential information has been disabled, it is still in the possession of the unauthorized person, and could still be publicly disclosed in the future.” They added, “We are working with relevant parties to scan the Internet for signs of further disclosure of the information.”
Health Minister Gan Kim Yong told reporters “Going forward, we will continue to strengthen and to review our systems to ensure they are secure, and our priority remains the patients’ well-being and we will extend whatever assistance and support that we can for them.”
The Health Ministry has set up a hotline for those who need additional information, and counselors are also available to assist them and to provide additional support if necessary.
This major leak of the confidential data could hamper a fight against new infections among LGBT+ people in Singapore, a NGO said on Tuesday. Official data show that about half of the 434 new HIV cases reported in 2017 were transmitted through same-sex intercourse. Gay sex remains a crime in Singapore under British colonial-era law.
LGBT+ groups have set up support services following the breach, but NGOs are afraid that it would discourage LGBT+ people living with HIV from seeking help, fearing that their details will be compromised.
Source – news.yahoo.com, straitstimes.com, gizmodo.com, vanguardngr.com, bbc.com